package com.cskaoyan.config;

import com.cskaoyan.service.AuthService;
import com.cskaoyan.service.WxUserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import java.util.List;

@Component
public class WxCustormRealm extends AuthorizingRealm {
    @Autowired
    WxUserService wxUserService;


    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String username = token.getUsername();
        String password = String.valueOf(token.getPassword());
        //TODO:关于密码加密后面再补充
        int code = wxUserService.queryUserByUsernameAndPassword(username, password);
        if (code == 200) {
            //表示查询到该账户，则将用户的id也返回
            Integer userId = wxUserService.queryAdminIdByUsernameAndPassword(username, password);
            return new SimpleAuthenticationInfo(userId, password, getName());
        }
        //String password = authService.queryAdminPassword(username);
        return null;//TODO :后处理
    }

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        Integer userId = (Integer) principalCollection.getPrimaryPrincipal();//----->传入的是userId
        //通过userId查询该用户具有的权限
        //List<String> permissions = wxUserService.getOptionsByUserId(userId);
        return null;
    }


}
